Mirrors/moonlight-qt
2
0
Fork 0
mirror of https://github.com/moonlight-stream/moonlight-qt synced 2024-12-15 05:42:28 +00:00
Code Issues Projects Releases Packages Wiki Activity

Don't persist the server cert until pairing is successful

Browse source 
Fixes #484
This commit is contained in:
Cameron Gutman 2020-12-15 21:24:21 -06:00
parent 355e4a5c67
commit b66f7f6c8b
1 changed files with 7 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
app/backend/nvpairingmanager.cpp
View file

@ -238,17 +238,18 @@ NvPairingManager::pair(QString appVersion, QString pin, QSslCertificate& serverC
return PairState::ALREADY_IN_PROGRESS;
}
serverCert = QSslCertificate(serverCertStr);
if (serverCert.isNull()) {
Q_ASSERT(!serverCert.isNull());
QSslCertificate unverifiedServerCert = QSslCertificate(serverCertStr);
if (unverifiedServerCert.isNull()) {
Q_ASSERT(!unverifiedServerCert.isNull());
qCritical() << "Failed to parse plaincert";
m_Http.openConnectionToString(m_Http.m_BaseUrlHttp, "unpair", nullptr, REQUEST_TIMEOUT_MS);
return PairState::FAILED;
}
// Pin this cert for TLS
m_Http.setServerCert(serverCert);
// Pin this cert for TLS until pairing is complete. If successful, we will propagate
// the cert into the NvComputer object and persist it.
m_Http.setServerCert(unverifiedServerCert);
QByteArray randomChallenge = generateRandomBytes(16);
QByteArray encryptedChallenge = encrypt(randomChallenge, aesKey);
@ -353,5 +354,6 @@ NvPairingManager::pair(QString appVersion, QString pin, QSslCertificate& serverC
return PairState::FAILED;
}
serverCert = std::move(unverifiedServerCert);
return PairState::PAIRED;
}